x/swift3
Code Issues Proposed changes
Swift3 Middleware for OpenStack Swift, allowing access to OpenStack swift via the Amazon S3 API.
401 Commits 2 Branches 7 Tags 5.4 MiB
Python 99.3%
Shell 0.7%
f9d856fc26
Go to file
Tim Burke f9d856fc26 Transcribe more headers for responses 
Per AWS's docs, Cache-Control and Expires may be set on upload [1]. On
download, the same headers would then be included in the response.
Previously, these would not be included in Swift3 responses; now they
will be.

Additionally, several headers may be set on download via query
parameters. This functionality already exists, but AWS's docs specify
that this is "a subset of the headers that Amazon S3 accepts when you
create an object" [2], so we should ensure Content-Language and
Content-Disposition are transcribed as well.

Finally, there is at least one undocumented header, X-Robots-Tag, which
AWS allows to be set. At the very least, Boto [3] knows to try.

Note that setting all of these headers already worked in Swift3, but
requires that you update the allowed_headers option in the
[app:object-server] section of object-server.conf. The conf used for
functional tests has been so updated.

[1] http://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectPUT.html#RESTObjectPUT-requests-request-headers

[2] http://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectGET.html#RESTObjectGET-requests-request-parameters

[3] https://github.com/boto/boto/commit/0c11983

Change-Id: I22001c6fd14033a9f13c36a3e05fdc678c75654f
2015-10-09 17:00:32 -07:00
doc Fix response of Upload Part Copy requests 2015-01-20 10:34:54 +09:00
etc Transcribe more headers for responses 2015-10-09 17:00:32 -07:00
swift3 Transcribe more headers for responses 2015-10-09 17:00:32 -07:00
.gitignore Improve coverage report 2014-04-16 10:55:54 +09:00
.gitreview Add .gitreview file. 2014-03-22 15:42:32 +09:00
.unittests Add unittests from swift repository. 2012-05-21 13:21:24 +02:00
AUTHORS WIP - acls and test cases 2012-10-15 14:59:43 -07:00
CHANGELOG Swift3 1.8 2015-06-07 23:46:09 -07:00
LICENSE Addding a few base files to the project. 2012-05-21 13:05:34 +02:00
README.md Update version of keystone used for functests 2015-08-12 21:03:07 +00:00
requirements.txt Fix the version of Swift that required to install Swift3 2015-02-19 14:58:52 +09:00
setup.cfg Swift3 1.8 2015-06-07 23:46:09 -07:00
setup.py Add setup.cfg and pbr support. 2014-04-09 11:30:40 +02:00
test-requirements.txt Draft: Change functional tests to the new structure. 2015-03-11 11:11:24 +09:00
tox.ini Pin PyECLib==1.0.7 2015-09-16 21:20:26 +00:00

README.md

Swift3

Swift3 Middleware for OpenStack Swift, allowing access to OpenStack swift via the Amazon S3 API.

Features

  • Support AWS Signature Version 2 (Version 4 is not ready)
  • Support Services APIs (GET)
  • Support Bucket APIs (GET/PUT/DELETE/HEAD)
  • Support Object APIs (GET/PUT/DELETE/HEAD)
  • Support Multipart Upload (required SLO middleware support)
  • Support S3 ACL (under development)

Install

  1. Install Swift3 with sudo python setup.py install or sudo python setup.py develop or via whatever packaging system you may be using.

  2. Alter your proxy-server.conf pipeline to have swift3:

If you use tempauth:

Was::

    [pipeline:main]
    pipeline = catch_errors cache tempauth proxy-server

Change To::

    [pipeline:main]
    pipeline = catch_errors cache swift3 tempauth proxy-server

To support Multipart Upload::

    [pipeline:main]
    pipeline = catch_errors cache swift3 tempauth slo proxy-server

If you use keystone:

Was::

    [pipeline:main]
    pipeline = catch_errors cache authtoken keystone proxy-server

Change To::

    [pipeline:main]
    pipeline = catch_errors cache swift3 s3token authtoken keystoneauth proxy-server

To support Multipart Upload::

    [pipeline:main]
    pipeline = catch_errors cache swift3 s3token authtoken keystoneauth slo proxy-server

Note:

  • The s3token and authtoken filters require the keystonemiddleware package.
  • Swift3 explicitly checks that keystoneauth is in the pipeline. You must use this name in the pipeline statement and in [filter:keystoneauth] section header.

  1. Add to your proxy-server.conf the section for the Swift3 WSGI filter::

    [filter:swift3] use = egg:swift3#swift3

You also need to add the following if you use keystone (adjust port, host, protocol configurations for your environment):

[filter:s3token]
paste.filter_factory = keystonemiddleware.s3_token:filter_factory
auth_port = 35357
auth_host = 127.0.0.1
auth_protocol = http
  1. Swift3 config options:

You can find a proxy config example in swift3/etc/proxy-server.conf-sample.

# Swift has no concept of the S3's resource owner; the resources
# (i.e. containers and objects) created via the Swift API have no owner
# information. This option specifies how the swift3 middleware handles them
# with the S3 API.  If this option is 'false', such kinds of resources will be
# invisible and no users can access them with the S3 API.  If set to 'true',
# the resource without owner is belong to everyone and everyone can access it
# with the S3 API.  If you care about S3 compatibility, set 'false' here.  This
# option makes sense only when the s3_acl option is set to 'true' and your
# Swift cluster has the resources created via the Swift API.
allow_no_owner = false

# Set a region name of your Swift cluster.  Note that Swift3 doesn't choose a
# region of the newly created bucket actually.  This value is used only for the
# GET Bucket location API.
location = US

# Set the default maximum number of objects returned in the GET Bucket
# response.
max_bucket_listing = 1000

# Set the maximum number of objects we can delete with the Multi-Object Delete
# operation.
max_multi_delete_objects = 1000

# If set to 'true', Swift3 uses its own metadata for ACL
# (e.g. X-Container-Sysmeta-Swift3-Acl) to achieve the best S3 compatibility.
# If set to 'false', Swift3 tries to use Swift ACL (e.g. X-Container-Read)
# instead of S3 ACL as far as possible.  If you want to keep backward
# compatibility with Swift3 1.7 or earlier, set false here
# If set to 'false' after set to 'true' and put some container/object,
# all users will be able to access container/object.
# Note that s3_acl doesn't keep the acl consistency between S3 API and Swift
# API. (e.g. when set s3acl to true and PUT acl, we won't get the acl
# information via Swift API at all and the acl won't be applied against to
# Swift API even if it is for a bucket currently supported.)
# Note that s3_acl currently supports only keystone and tempauth.
# DON'T USE THIS for production before enough testing for your use cases.
# This stuff is still under development and it might cause something
# you don't expect.
s3_acl = false

# Specify a host name of your Swift cluster.  This enables virtual-hosted style
# requests.
storage_domain =

Functional and Unit Tests

We provide functional/unit tests to make swift3 middleware more stable.

For Ubuntu 12.04
$ sudo apt-get install python-dev python-pip libffi-dev libssl-dev libxml2-dev libxslt1-dev
$ sudo pip install tox

# Run unit tests with Python 2.7
$ tox -e py27

# Run functional tests with tempauth
$ tox -e tempauth

# Run functional tests with s3token, keystoneauth and keystone
$ tox -e keystone

# Run all tests
$ tox

# For developer, please run unit tests and syntax check tests before summit path
$ tox -e pylint -e pep8 -e py27